The unattended-upgrades package can be used to automatically install updated packages, and can be configured to update all packages or just install security updates.
To configure unattended-upgrades, edit /etc/apt/apt.conf.d/50unattended-upgrades.
To enable automatic updates, edit /etc/apt/apt.conf.d/20auto-upgrades.
In looking into compromised systems, often what is needed by incident responders and investigators is not enabled or configured when it comes to logging. To help get system logs properly Enabled and Configured, below are some cheat sheets to help you do logging well and so the needed data we all need is there when we look.
documentation sysadmin tipsTools and settings for the windows time service.
windowsDocumentation of API endpoints on the UniFi controller software. This is a reverse engineering project that is based on browser captures, jar dumps, and reviewing other software that has been written to work with the controller. It's received minimal testing.
ubiquiti documentation apiRemembering the current directory for each drive has been preserved ever since DOS 1.0, although there isn’t actually such a concept as a per-drive current directory in Win32. The appearance that each drive has its own current directory is a fake-out by cmd.exe which uses environment variables to create the illusion to batch files that each drive has its own current directory.
windowsWindows Server 2019 and the most recent version of Windows 10 include the ability to install both an SSH client and an SSH server. To get an SSH client onto Windows 10 or Windows Server 2019, without using 3rd party software or installing Windows Subsystem for Linux, use the PowerShell command:
Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0
Systems Manager Automation simplifies common maintenance and deployment tasks of Amazon EC2 instances and other AWS resources. Automation enables you to do the following.
This is a fork of Michal Gajda's PSWindowsUpdate PowerShell module. The original module can be found on the PowerShell Gallery.
windows github powershellThe Windows Update Agent (WUA) API is a set of COM interfaces that enable system administrators and programmers to access Windows Update and Windows Server Update Services (WSUS). Scripts and programs can be written to examine which updates are currently available for a computer, and then you can install or uninstall updates.
windows scriptingIf the router is filtering too, ubuntu has to be aware of the gateway's existence for both interfaces and use table and rule settings for a correct routing.
Normally, a Linux system only has one routing table, in which only one default gateway can make entries. With iproute2, you have the ability to setup an additional routing table, for one thing, and allow this table to be used by the system based on rules, for another.
linux networking homelabThis project describes the Ubiquiti EdgeRouter Lite (and EdgeRouter 4), EdgeSwitch 24 and UniFi Access Point network design for a SOHO (Small Office/Home Office) network.
ubiquiti networkingThis guide outlines basic steps used to troubleshoot Group Policy application errors using the Group Policy Service Debug logs (gpsvc.log).
Enable by setting HKLM\Software\Microsoft\Windows NT\CurrentVersion\Diagnostics\GPSvcDebugLevel REG_DWORD to 30002 (hex), and ensure %windir%\debug\usermode exists. The gpsvc.log log will be created in this directory when updating group policy (eg gpupdate /force).
LAPS is easy to deploy and works great. The challenge comes in knowing if it’s actually working. How do you know if your machines have ever set the password? Or maybe they set it once and haven’t updated it since even though it’s past the designated expiration date? It’s definitely worth monitoring to ensure that your machines are operating as expected. Jiri Formacek (the creator of LAPS), threw together a small PowerShell script to provide that capability.
windows active directory securityBash is powerful, it is super permissive, and because of that, it is extremely easy to do something stupid with it. This blogpost is more about good conventions in bash, not it's syntax or how to do basic stuff with it.
bash shellLike programming in C or driving a car, contemporary shellscript languages require some knowledge and discipline to use safely, but that's not to say it can't be done. This guide is here to show that in bash, it can be done. Specifically, those systematic bugs that the language encourages can be eliminated by disciplines that are outlined here. Realize that Bash is not a language where the correct way to do something is also the easiest.
bash shellThis wiki is intended to provide human-readable documentation and information so users aren't forced to read every bit of the Bash manpage - which can be difficult to understand.
bash shellLocal Administrator Password Solution (LAPS) has been around for a while and last year it became an official supported tool by Microsoft. Since there are so many articles about it, I would like to share my tweaks. I decided to create my own LDF file to extend the schema with this two attributes because I feel that a few things are missing.
active directory security windowsSome people prefer using tmux on the local machine only on top of their terminal emulator, supercharging it with multiplexing and window management in the first place. People who spent most of their time SSH’ing on remote hosts, make use of persistent session nature and resistance to network disconnects.
tutorial tmux terminalIn this book, we will break down tmux by its objects, from servers down to panes. It also includes a rehash of terminal facilities we use every day to keep us autodidacts up to speed with what is what. I’ve included numerous examples of projects, permissively licensed source code, and workflows designed for efficiency in the world of the terminal.
reading terminal tmux